Losing a job and struggling with finances have added significant stress to those trying to stay safe during the COVID-19 pandemic. It is no secret that for weeks, state departments administering unemployment compensation have been under fire due to massive backlogs of unprocessed claims. Adding to claimants’ frustrations are a number of security incidents affecting several states’ agencies. We previously reported that the Small Business Administration experienced a breach compromising personal data for thousands of applications for financial assistance. Now we are seeing state level entities experiencing security compromises.

Pandemic Unemployment Assistance (PUA) is unemployment compensation available to self-employed and “gig” workers. In the past several weeks, thousands of workers in several states who applied for PUA received notice that their personal information was possibly exposed to other users. The personal information exposed included social security numbers, addresses, names, and the amount workers were receiving in benefits. Fortunately, at least at this time, there is no evidence personal information was misused and the alerts from the states were preventative.

Such news is hardly uncommon. We have already written on the ways mistakes and the actions of bad actors are affecting the security of personal data. However, this news is particularly painful and tragic as we see individuals already struggling with the hardships of unemployment now having to deal with the added stress and steps required to protect their personal data against misuse.

Times of crisis understandably distract us from the things that routinely keep us safe and operational. Consumers and businesses, alike, need to remain vigilant when it comes to safeguarding personal information, now more than ever. Consumers should take charge of their personal data, whenever possible. Consumers should regularly review accounts for any irregular activity and report such activity immediately. Credit accounts should be frozen to protect against unauthorized access. The process is simple and inexpensive, and often free.

Businesses should regularly audit system activity for irregular activity and take steps to actively upgrade and improve security, especially as new threats emerge. Companies should exercise diligence any time they update company systems with new software to ensure such software does not introduce security vulnerabilities. The bad guys are looking for just one door to be opened, even momentarily. Again, when companies are faced with keeping the lights on and employees employed, it can be understandable that data privacy and security might take a back seat. However, as we have found out, failing to keep privacy and security in focus can only make tough times even worse.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Scot Ganow Scot Ganow

Scot is a partner in Taft’s Dayton office, and chair of the firm’s Privacy and Data Security Practice.  As a former chief privacy officer and leveraging more than ten years of management and compliance experience in Fortune 500 companies, Scot brings a diverse…

Scot is a partner in Taft’s Dayton office, and chair of the firm’s Privacy and Data Security Practice.  As a former chief privacy officer and leveraging more than ten years of management and compliance experience in Fortune 500 companies, Scot brings a diverse business background to his privacy and data security practice. Scot has represented clients in a variety of sectors, including consumer reporting, construction, healthcare, and manufacturing.

Photo of Jennifer Brumby Jennifer Brumby

Jennifer represents clients throughout Ohio in both federal and state courts in litigation matters related to employment agreements, personnel policies and workers’ compensation. With previous experience working in-house as a human resources manager and attorney in the public sector, Jennifer has direct experience…

Jennifer represents clients throughout Ohio in both federal and state courts in litigation matters related to employment agreements, personnel policies and workers’ compensation. With previous experience working in-house as a human resources manager and attorney in the public sector, Jennifer has direct experience working with clients on labor and employment issues such as recruitment, performance evaluations, disciplinary actions, benefits programs, collective bargaining matters and ensuring employee procedures and policies are in compliance with state and federal laws.